pkg:Maven/com.vaadin:vaadin-bom

All known vulnerabilities

• HIGH7.5CVE-2020-36320Regular expression denial of service (ReDoS) in EmailValidator class in Vaadin 7
  >= 7.0.0.beta1, < 7.7.22
• HIGH7.5CVE-2021-31405Regular expression denial of service (ReDoS) in EmailField component in Vaadin 14 and 15-17
  >= 14.0.6, < 14.4.4
• MEDIUM6.3CVE-2021-31411Insecure temporary directory usage in frontend build functionality of Vaadin 14 and 15-19
  >= 14.0.3, < 14.5.3
• MEDIUM6.3Server session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19
  >= 18.0.0, < 19.0.4
• MEDIUM6.1Reflected cross-site scripting in vaadin-menu-bar webjar resources in Vaadin 14
  >= 14.0.0, < 14.4.5
• MEDIUM5.4Stored cross-site scripting in Grid component in Vaadin 7 and 8
  >= 7.4.0, < 7.7.20
• MEDIUM5.3Possible route enumeration in production mode via RouteNotFoundError view in Vaadin 10, 11-14, and 15-19
  >= 10.0.0, < 10.0.19
• MEDIUM4.0Timing side channel vulnerability in UIDL request handler in Vaadin 7 and 8
  >= 7.0.0, < 7.7.24
• LOW2.5Reflected cross-site scripting in development mode handler in Vaadin 14, 15-19
  >= 14.0.0, < 14.6.2